Nemcio/NodeBB
1
0
Fork 0
mirror of https://github.com/NodeBB/NodeBB.git synced 2025-11-01 03:26:04 +01:00
Code Issues Packages Projects Releases Wiki Activity

server side checks for username/email/password, closes #41

Browse Source
This commit is contained in:
Baris Soner Usakli
2013-06-25 15:50:14 -04:00
parent 7d49294595
commit ea4f39ca21
3 changed files with 83 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

63
public/src/forum/register.js
View File

@@ -8,32 +8,60 @@
email_notify = document.getElementById('email-notify'),
password_notify = document.getElementById('password-notify'),
password_confirm_notify = document.getElementById('password-confirm-notify'),
usernamevalid = false;
emailexists = false,
emailvalid = false,
userexists = false,
passwordsmatch = false;
passwordsmatch = false,
passwordvalid = false;
$(username).on('keyup change', function() {
if (username.value.length > 2) socket.emit('user.exists', {username: username.value});
else {
usernamevalid = utils.isUserNameValid(username.value);
if(username.value.length < 3) {
username_notify.innerHTML = 'Username too short';
username_notify.className = 'label label-important';
}
else if(!usernamevalid) {
username_notify.innerHTML = 'Invalid username';
username_notify.className = 'label label-important';
}
else {
socket.emit('user.exists', {username: username.value});
}
});
$(emailEl).on('keyup change', function() {
emailvalid = utils.isEmailValid(email.value);
if(!emailvalid) {
email_notify.innerHTML = 'Invalid email address';
email_notify.className = 'label label-important';
}
else
socket.emit('user.email.exists', { email: emailEl.value });
});
password.addEventListener('keyup', function() {
if (password.value.length < 5) {
$(password).on('keyup', function() {
passwordvalid = utils.isPasswordValid(password.value);
if (password.value.length < 6) {
password_notify.innerHTML = 'Password too short';
password_notify.className = 'label label-important';
} else if(!passwordvalid) {
password_notify.innerHTML = 'Invalid password';
password_notify.className = 'label label-important';
} else {
password_notify.innerHTML = 'OK!';
password_notify.className = 'label label-success';
}
}, false);
if(password.value !== password_confirm.value) {
password_confirm_notify.innerHTML = 'Passwords must match!';
password_confirm_notify.className = 'label label-important';
passwordsmatch = false;
}
});
$(password_confirm).on('keyup', function() {
if(password.value !== password_confirm.value) {
@@ -63,14 +91,10 @@
socket.on('user.email.exists', function(data) {
emailexists = data.exists;
emailvalid = isEmailValid(email.value);
if (data.exists === true) {
email_notify.innerHTML = 'Email Address exists';
email_notify.className = 'label label-important';
} else if(!emailvalid) {
email_notify.innerHTML = 'Invalid email address';
email_notify.className = 'label label-important';
}
else {
email_notify.innerHTML = 'OK!';
@@ -78,12 +102,6 @@
}
});
// from http://stackoverflow.com/questions/46155/validate-email-address-in-javascript
function isEmailValid(email) {
var re = /[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+)*@(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?/;
return re.test(email);
}
// Alternate Logins
var altLoginEl = document.querySelector('.alt-logins');
altLoginEl.addEventListener('click', function(e) {
@@ -97,10 +115,10 @@
}
});
// Form Validation
function validateForm() {
var validated = true;
if (username.value.length < 2) {
if (username.value.length < 2 || !usernamevalid) {
username_notify.innerHTML = 'Invalid username';
username_notify.className = 'label label-important';
validated = false;
@@ -111,6 +129,10 @@
validated = false;
}
if(password.value !== password_confirm.value) {
password_confirm_notify.innerHTML = 'Passwords must match!';
}
if (!emailvalid) {
email_notify.innerHTML = 'Invalid email address';
validated = false;
@@ -121,10 +143,7 @@
validated = false;
}
if(userexists)
validated = false;
if(!passwordsmatch)
if(userexists || !passwordsmatch || !passwordvalid)
validated = false;
return validated;

31
public/src/utils.js
View File

@@ -83,6 +83,20 @@
return str;
},
// from http://stackoverflow.com/questions/46155/validate-email-address-in-javascript
isEmailValid: function(email) {
var re = /[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+)*@(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?/;
return re.test(email);
},
isUserNameValid: function(name) {
return (name && name !== "" && !(/^\s*$/.test(name)));
},
isPasswordValid: function(password) {
return password && password.indexOf(' ') === -1 && password.length > 5;
},
// Blatently stolen from: http://phpjs.org/functions/strip_tags/
'strip_tags': function(input, allowed) {
allowed = (((allowed || "") + "").toLowerCase().match(/<[a-z][a-z0-9]*>/g) || []).join(''); // making sure the allowed arg is a string containing only tags in lowercase (<a><b><c>)
@@ -96,6 +110,23 @@
}
if (!String.prototype.trim) {
String.prototype.trim=function(){return this.replace(/^\s+|\s+$/g, '');};
}
if (!String.prototype.ltrim) {
String.prototype.ltrim=function(){return this.replace(/^\s+/,'');};
}
if (!String.prototype.rtrim) {
String.prototype.rtrim=function(){return this.replace(/\s+$/,'');};
}
if (!String.prototype.fulltrim) {
String.prototype.fulltrim=function(){return this.replace(/(?:(?:^|\n)\s+|\s+(?:$|\n))/g,'').replace(/\s+/g,' ');};
}
if ('undefined' !== typeof window) {
window.utils = module.exports;
}

10
src/user.js
View File

@@ -163,12 +163,20 @@ var utils = require('./../public/src/utils.js'),
User.create = function(username, password, email, callback) {
username = username.trim();
email = email.trim();
if(!utils.isEmailValid(email) || !utils.isUserNameValid(username) || !utils.isPasswordValid(password)) {
console.log('Invalid email/username/password!');
callback(null, 0);
return;
}
var userslug = utils.slugify(username);
User.exists(userslug, function(exists) {
if(exists) {
console.log("user name taken");
callback(null, 0);
return;
}